Configuring Additional Password Rules for Tivoli Identity Manager

Configuring Additional Password Rules for Tivoli Identity Manager

There are 2 different ways to accomplish this task, automatically or manually.

Method 1: Automatically copy the files, as follows:

There is a script that is located in folder /export/home/<Name Wanted>_rules named  This script will copy the <Name Wanted>.jar and MANIFEST.MF to the appropriate folders, it will also append 3 new password rules to the correct properties file.

The <Name Wanted>.jar, MANIFEST.MF and the files must exist in the same directory as the

The code within the script copies the 2 files and performs a ‘cat’ function (as in concatinate) to the file that exist in itim/data directory.

Here are the 3 lines that will be appended to the file that resides in /itim/data.


Once the script has been completed successfully you will need to edit the file. This is where the labels for the 3 new attributes are configured. Below are what the statements should look like in the CustomLabels.Properties file. Upper Case Required Lower Case Required Special Characters Required

Method 2: Manually copy the files, as follows:

There are 4 separate steps that need to be completed to successfully add additional password rules for the ITIM system. Each step is described below and needs to be completed in order so that the additional rules work correctly.

Verify that the MANIFEST.MF member resides in the META-INF folder.

The META-INF folder is location in:


Add “<Name Wanted>.jar” to the Class-Path, verify that you can see Class-Path Entry where the <Name Wanted>.jar was added.

Verify that the <NameWanted>.jar member resides in the enRole.ear directory.

The enRole.ear folder is location in:


Edit the file to add the new labels for the 3 new password attributes.

    1.  Change the directory to /itim/data
        1.  vi file and add the 3 new password labels. Then save the file, as a precaution backup the file before you start to edit it.


Edit the file, add the 3 password attributes and set them to equal true.

The file resides in “itim/data

Questions, comments or concerns? Feel free to reach out to us below or at IDMWORKS